Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-47862

Malicious code in bioql PyPI...

9.8CVSS8.1AI score0.01501EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/05 2:53 a.m.9 views

CVE-2024-6868

mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model configurations specify additional files as archives e.g., .tar, these archives are automatically extracted after downloading. This behavior can be exploited to perfor...

9.8CVSS9.8AI score0.01501EPSS
Exploits1References1
OSV
OSV
added 2024/10/29 1:15 p.m.12 views

CVE-2024-6868

mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model configurations specify additional files as archives e.g., .tar, these archives are automatically extracted after downloading. This behavior can be exploited to perfor...

9.8CVSS7.9AI score
Exploits0References2
NVD
NVD
added 2024/10/29 1:15 p.m.35 views

CVE-2024-6868

mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model configurations specify additional files as archives e.g., .tar, these archives are automatically extracted after downloading. This behavior can be exploited to perfor...

9.8CVSS0.01501EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/29 12:46 p.m.16 views

CVE-2024-6868 Arbitrary File Write in mudler/LocalAI

mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model configurations specify additional files as archives e.g., .tar, these archives are automatically extracted after downloading. This behavior can be exploited to perfor...

8.1CVSS8.2AI score0.01501EPSS
Exploits1References2
CVE
CVE
added 2024/10/29 12:46 p.m.53 views

CVE-2024-6868

CVE-2024-6868 affects mudler/LocalAI (version 2.17.1). The issue is improper handling of automatic archive extraction when model configurations specify archives (for example, .tar), causing archives to be extracted after download and enabling a potentially destructive “tarslip” that can write fil...

9.8CVSS8.5AI score0.01501EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/10/29 12:46 p.m.25 views

CVE-2024-6868 Arbitrary File Write in mudler/LocalAI

mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model configurations specify additional files as archives e.g., .tar, these archives are automatically extracted after downloading. This behavior can be exploited to perfor...

8.1CVSS0.01501EPSS
Exploits1References2
Rows per page
Query Builder